Ofcom publishes UK age verification proposals The Register

The UK's communications regulator has laid out guidance on how online services might perform age checks as part of the Online Safety Act.
The range of proposals from Ofcom are likely to send privacy activists running for the hills.
These include credit card checks, facial age estimation, and photo ID matching.
The checks are all in the name of protecting children from the grot that festoons large swathes of the world wide web.
Service providers will likely be stuck between a rock and a hard place in implementing the guidance without also falling foul of privacy regulations.
Open banking, where a bank confirms a user is over 18 without sharing any other personal information.
Mobile network operator age check, where the responsibility is shunted onto an MNO content restriction filter that can only be removed if the device user can prove to the MNO that they are over 18.
Photo ID matching, where an image of the user is compared to an uploaded document used as proof of age to verify that they are the same person.
Credit card checks, where a credit card account is checked for validity - in the UK, credit card holders must be over 18.
Digital identity wallets and, our favorite, facial age estimation, where the features of a user's face are analyzed to estimate the user's age.
In 2022, the UK government threatened the requirement of handing over all range of personal data to access social media sites.
The idea of age verification was floated years before and has returned as part of the Online Safety Bill.
The previous time around, the idea of allowing certain firms to work as information collaters / age verification service providers was floated, with critics correctly surmising this would create huge jackpot targets of citizen data.
In 2022, Daniel Pryor, then head of research at the Adam Smith Institute think tank, warned that any tech-savvy teen would likely be able to circumvent restrictions, while adults entering their details stood every chance of being exposed in the event of a data breach.
The Ofcom proposals include guidance on data protection as well as age assurance, all of which will add to the burden faced by operators trying to deal with age checks while also ensuring user data is protected.
No, simply asking the user to confirm they are over 18 or popping up a disclaimer isn't going to be sufficient to satisfy the regulator.
Ofcom is vague when it comes to defining what constitutes such a number.
Ofcom also states that sites must not provide information or links to Virtual Private Network providers.
There is every risk that by throwing up such blocks, users will be tempted to look into the technology, which carries its own dangers.
The final guidance is due in early 2025, after which Ofcom expects the UK government to bring the duties into force.


This Cyber News was published on go.theregister.com. Publication date: Tue, 05 Dec 2023 10:43:06 +0000


Cyber News related to Ofcom publishes UK age verification proposals The Register

Ofcom publishes UK age verification proposals The Register - The UK's communications regulator has laid out guidance on how online services might perform age checks as part of the Online Safety Act. The range of proposals from Ofcom are likely to send privacy activists running for the hills. These include ...
10 months ago Go.theregister.com
EFF's Submission to Ofcom's Consultation on Illegal Harms - More than four years after it was first introduced, the Online Safety Act was passed by the U.K. Parliament in September 2023. EFF has opposed the Online Safety Act since it was first introduced. The Act empowers the U.K. government to undermine not ...
6 months ago Eff.org
PornHub now also blocks Texas over age verification laws - PornHub has now added Texas to its blocklist, preventing users in the state from accessing its site in protest of age verification laws. Texas' age verification bill HB 1181, passed last year, went back into effect last week after the State won an ...
6 months ago Bleepingcomputer.com
Mississippi Can't Wall Off Everyone's Social Media Access to Protect Children - In what is becoming a recurring theme, Mississippi became the latest state to pass a law requiring social media services to verify users' ages and block lawful speech to young people. Once again, EFF explained to the court why the law is ...
3 months ago Eff.org
Ofcom Preparing 'Strong Action' Against Tech Giants | Silicon UK - In an interview with the Financial Times, Ofcom chief executive Melanie Dawes said that it will take “strong action” against tech companies that break new rules on content moderation, even if it has limited powers to stop the spread of lies ...
5 days ago Silicon.co.uk
Teaching Digital Ethics: Navigating the Digital Age - In today's digital age, where technology permeates every aspect of our lives, the need for ethical behavior in the digital realm has become increasingly crucial. This article explores the significance of digital ethics education in our society and ...
9 months ago Securityzap.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
PornHub blocks North Carolina, Montana over new age verification laws - Adult media giant Aylo has blocked access to many of its websites, including PornHub, to visitors from Montana and North Caroline as new age verifications laws go into effect. This move also impacts other adult sites owned by the company, including ...
9 months ago Bleepingcomputer.com
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
4 months ago Tenable.com
Fighting European Threats to Encryption: 2023 Year in Review - In the online world, the best tool we have to defend this right is end-to-end encryption. Politicians across Europe attempted to undermine encryption, seeking to access and scan our private messages and pictures. EFF spent this year fighting hard ...
9 months ago Eff.org
King Charles III signs off on UK Online Safety Act The Register - With the assent of King Charles, the United Kingdom's Online Safety Act has become law, one that the British government says will "Make the UK the safest place in the world to be online." The Online Safety Act, which began in April 2019 as the Online ...
10 months ago Theregister.com
States Attack Young People's Constitutional Right to Use Social Media: 2023 Year in Review - Legislatures in more than half of the country targeted young people's use of social media this year, with many of the proposals blocking adults' ability to access the same sites. Courts blocked several of these laws for violating the First ...
9 months ago Eff.org
Rules To Regulate Bank's Tech Reliance - Financial Conduct Authority, Bank of England publish proposals to bolster tech resistance of the financial sector. The UK financial sector's reliance on technology and big name firms is being addressed by the Bank of England, Financial Conduct ...
10 months ago Silicon.co.uk
1Kosmos Unifies Identity Verification User Journeys Across Web and Mobile Platforms - PRESS RELEASE. EAST BRUNSWICK, N.J., Nov. 29, 2023 - 1Kosmos, the company that unifies identity proofing and passwordless authentication, today announced the 1Kosmos BlockID platform now enables organizations to seamlessly extend web-based identity ...
10 months ago Darkreading.com
CVE-2022-31156 - Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, ...
1 year ago
DataVisor integrates SMS customer verification into its platform - DataVisor announced the expansion of its end-to-end platform capabilities with the integration of SMS customer verification for fraudulent transactions. This new offering, powered by Twilio technology, provides customers with enhanced fraud ...
9 months ago Helpnetsecurity.com
EFF to Court: Strike Down Age Estimation in California But Not Consumer Privacy - The Electronic Frontier Foundation called on the Ninth Circuit to rule that California's Age Appropriate Design Code violates the First Amendment, while not casting doubt on well-written data privacy laws. EFF filed an amicus brief in the case ...
7 months ago Eff.org
CVE-2024-35196 - Sentry is a developer-first error tracking and performance monitoring platform. Sentry's Slack integration incorrectly records the incoming request body in logs. This request data can contain sensitive information, including the deprecated Slack ...
4 months ago
Trulioo Launches Global Identity Platform for Person and Business Verification - Identity verification firm Trulioo on Tuesday launched a new global identity platform for Person and Business verification. Trulioo so far sold multiple identity products, each operating in their own silos. Their products and services range from ...
1 year ago Csoonline.com
Three Big Porn Websites Must Verify User's Age In EU - Three of the world's biggest porn websites will now be forced to new rules in the European Union, including verifying the ages of users. The Commission said that the designation is the result of its investigations, concluding that the three services ...
9 months ago Silicon.co.uk
CVE-2022-45786 - There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to ...
1 year ago
CVE-2024-26706 - In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when accessing user space memory, may exhibit random data ...
6 months ago Tenable.com
Securing helpdesks from hackers: What we can learn from the MGM breach - In the wake of the MGM Resorts service desk hack, it's clear that organizations need to rethink their approach to security, particularly when it comes to verifying the identity of employees contacting the helpdesk. In this article, we'll explore how ...
9 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)